Performing a biometric comparison rather than using a personal identification number (PIN) with a smart card is desirable since it provides a stronger binding of the card to a user. Due to computation and memory constraints of smart cards in the relevant art, only a small portion of the biometric processing, generally the final match can reasonably be performed on the card. Moreover, an integrated device which incorporates the features of a smart card reader and a biometric sensor capable of performing all of the biometric processing would be prohibitively expensive for most purposes, since it would require the computational capability and memory capacity of at least a modern desktop computer system.
This requires that a local computer system in communication with the integrated device be involved in certain aspects of biometric processing such as image enhancement, biometric feature extraction, template creation and template alignment. For identification or authentication purposes, local computer systems are not trusted due to their generally being situated in locales which facilitates unrestricted physical and/or logical access to the computer.
The generally unrestricted access to the local computer system could allow an unauthorized entity to provide information other than that derived from a “live” source in order to deceive the integrated device and associated smart card into falsely identifying and/or authenticating the unauthorized entity. The most likely example of this is the inclusion of malicious software on the local computer system which supplies biometric templates either obtained from a hacked database, or a replay of a previously generated biometric template to the integrated device without detection of the fraudulent transaction. Since the integrated device lacks the processing capabilities to internally generate the biometric template, it cannot determine whether the biometric template supplied by the local computer system is derived from a “live” source or is a fraudulent presentation.
Efforts to improve security of inputs are known in the relevant art. For example, U.S. Pat. No. 6,092,202 to Veil, et al. discloses a secure method and system which provides a trusted security processor between a smart card and a computer system. This arrangement may be effective but requires a reasonably powerful microprocessor and difficult to maintain embedded algorithms to extract biometric information for use with the smart card.
In another example, U.S. Pat. No. 6,219,439 to Burger discloses a portable standalone biometric scanner having a smart card interface. The invention provides a secure mechanism to prevent online capture of biometric data but also requires a reasonably powerful microprocessor and difficult to maintain embedded algorithms to extract biometric information for use with the smart card.
In a final example, US patent application 2002/003581 to Janiak, et al. discloses another integrated biometric scanner and smart card reader device. The device provides much of the processing for matching by the smart card, but as before, requires a reasonably powerful microprocessor and difficult to maintain embedded algorithms to extract biometric information for use with the smart card.